WASHINGTON — In the latest escalation of an unprecedented cyber-attack against U.S. law enforcement, hackers belonging to the Russian-speaking Babuk syndicate posted a $4 million ransom demand against the Metropolitan Police Department on the dark web.
The demand came as more D.C. police officers received notice their confidential information was included within the scope of the April hack.
“In review of MPD records potentially accessed by unauthorized parties, it was determined that your background investigation was included,” reads an excerpt of a department notice to impacted officers.
The Babuk hackers claim to have published the confidential dossiers of 22 MPD employees. The website hosting the files on the dark web also contains a screen capture, which the hackers describe as ransom negotiations with U.S. officials.
“The negotiations reached a dead end, the amount we were offered does not suit us,” the hackers posted, in a message first revealed by WUSA9 late Monday. “We are posting 20 more personal [sic] files on officers… If tomorrow they do not raise the price, we will release all the data.”
In an email sent to DC Police, Contee said files containing personal information had been obtained during a Babuk ransomware attack that happened in late April.
"At this time, I can confirm that HR-related files with Personally Identifiable Information (PII) were obtained," Contee said in his message. "As we continue to determine the size and scope of this breach, please note that the mechanism that allowed the unauthorized access was blocked."
Babuk ransomware is a new cybersecurity threat discovered earlier this year. The criminal syndicate has targeted at least five major enterprises, with one firm already paying an $85,000 ransom, according to the cybersecurity company McAfee.